General

Malware Config

Signatures

Files

• 230406-bzj2fsaf74

  .exe windows:5 windows x86 arch:x86

  46ec036f108b9442762024102130efcd

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_AGGRESIVE_WS_TRIM

  IMAGE_FILE_32BIT_MACHINE

  Imports

  nddeapi

  NDdeShareAddA

  NDdeShareDelA

  NDdeShareGetInfoA

  kernel32

  GetModuleFileNameA

  lstrcmpiA

  GetDateFormatW

  GetModuleHandleW

  GetProcAddress

  CreateMailslotW

  GetLogicalDriveStringsW

  ReadConsoleW

  WaitForSingleObject

  InitializeCriticalSection

  LoadLibraryA

  GetConsoleAliasA

  GetFileAttributesW

  DeleteFileW

  SearchPathA

  GetACP

  GetCommandLineA

  CreateFileMappingA

  SetErrorMode

  advapi32

  RegEnumKeyA

  RegReplaceKeyW

  RegUnLoadKeyA

  OpenEventLogA

  ClearEventLogW

  RegLoadKeyA

  LogonUserW

  RegCreateKeyExW

  InitializeAcl

  CryptSignHashW

  ControlService

  RegDeleteValueA

  RegOpenKeyA

  shell32

  FindExecutableW

  SHGetFileInfoW

  StrStrA

  StrChrW

  ShellAboutW

  ExtractIconW

  SHGetFolderPathA

  DllRegisterServer

  SHCreateShellItem

  SHFree

  user32

  GetClassLongW

  LoadBitmapW

  CreateDesktopA

  wsprintfA

  PostMessageW

  GetDlgItemTextW

  IsDialogMessageA

  DispatchMessageA

  GetMessageA

  LoadMenuA

  LoadStringA

  LoadIconW

  DialogBoxParamA

  CharToOemA

  DrawStateA

  InsertMenuW

  GetPropW

  Sections

  .text

  Size: 45KB - Virtual size: 44KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 29KB - Virtual size: 29KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 553KB - Virtual size: 553KB

  IMAGE_SCN_MEM_READ